CVE-2023-29839
Description
A Stored Cross Site Scripting (XSS) vulnerability exists in multiple pages of Hotel Druid version 3.0.4, which allows arbitrary execution of commands. The vulnerable fields are Surname, Name, and Nickname in the Document function.
NVD
Severity: MEDIUM
CVE ID: CVE-2023-29839
CVSS Score: 5.4
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Proof Of Concept
jichngan
Hotel Druid 3.0.4 Stored Cross Site Scripting Vulnerability
Refrence: GitHub